web - app request -> alpha implementation

2019-11-24 23:23:04 +01:00 · 2019-11-24 23:23:04 +01:00 · c4eb8811ad
commit c4eb8811ad
parent a636eba122
2 changed files with 52 additions and 13 deletions
--- a/bin/web/routes/static.js
+++ b/bin/web/routes/static.js
@ -42,23 +42,35 @@ route.all('/', function(req, res, next) {

 // login page or app request
 route.get('/authenticate', (req, res) => {
+
 	req.session.appRequest = {}; // TODO: data

-	if(req.session && req.session.user) {
-		res.render('request', {
-			appRequest: req.session.appRequest
-		});
-	} else {
-		res.render('login', {
-			login_title: "Login to use APP_NAME via authRxbn", // appRequest app name
-			appRequest: req.session.appRequest
-		});
-	}
-});
+	global['modules'].database.getApps((err, rep) => {
+		if(req.query.appId) {
+			if(req.query.appId && typeof req.query.appId == "string") {
+				// req.query.appId
+				// verify appId (if in rep)
+				req.session.appRequest.appId = req.query.appId;

-// authenticate user for server
-route.post('/authenticate', (req, res) => {
+				// TODO: on accept, setAuthCode and redirect with token
+				// on cancel, redirect to dashboard
+			}
+		}

+		if(req.session && req.session.user) {
+			res.render('request', {
+				session: req.session,
+				appRequest: req.session.appRequest,
+				apps: rep
+			});
+		} else {
+			res.render('login', {
+				session: req.session,
+				login_title: "Login to use APP_NAME via authRxbn", // appRequest app name
+				appRequest: req.session.appRequest
+			});
+		}
+	});
 });

 route.all('/*', (req, res, next) => {
--- a/bin/web/views/request.pug
+++ b/bin/web/views/request.pug
@ -0,0 +1,27 @@
+extends blocks/layout.pug
+append var
+	if(session && session.user)
+		- var breadcrumb = {0: {"name": "authRXBN", "href": "/"}, 1: {"name": "Authorization", "active": true}};
+		- var title = "authorize App";
+
+append content
+	if(session && session.user)
+		.uk-container.uk-margin-bottom
+			h1 Authorize App
+			each app in apps
+				if(app._id == appRequest.appId)
+					div
+						.uk-card.uk-card-default
+							.uk-card-header.uk-card-primary
+								h3.uk-card-title "#{app.name}" needs authorization to login with your credentials
+							.uk-card-body
+								p= app.description
+								p
+									span Redirecting to:
+									br
+									i= app.access
+							.uk-card-footer.uk-flex.uk-flex-around
+								a.uk-button.uk-button-default.uk-button-default Cancel
+								a.uk-button.uk-button-default.uk-button-primary(href="/api/redirect?id="+id) Authorize request
+	else
+		include blocks/login.pug